require_once '../utils/function.php'; if (!isset($_SESSION['on'])) { redirect('../login.php'); exit; } if (!isset($_POST['renew'])) { redirect('../secure/accounts.php'); exit; } if (!can_create_account($_SESSION['username'])) { $_SESSION['error'] = TRUE; $_SESSION['error_log'] = 'You are not authorized to renew Linux accounts.'; redirect('../secure/accounts.php'); exit; } $days = config_days(); $length = config_length(); $pin = genpin($length); $expdate = time() + 24 * 60 * 60 * $days; $salt = gensalt(); $query = "UPDATE passwd SET password = '******', salt = '" . $salt . "', expflag = 0, expdate =" . $expdate . ", retrycount = 0 WHERE username = :renewList"; $stmt = $db->prepare($query); $stmt->bindValue(':renewList', $_POST['renewList']); $result = $stmt->execute(); $_SESSION['pin'] = $pin; $_SESSION['account'] = $_POST['renewList']; $_SESSION['has_pin'] = TRUE; $_SESSION['account_state'] = 'Renewed'; $_SESSION['error'] = TRUE; $_SESSION['error_log'] = 'Account ' . $_POST['deleteList'] . ' renewed.'; redirect('../secure/account.php');
function iCrypt($passwort, $salt) { global $crypted_password_extern, $upgrade_password; $v_passwort = ""; if ($upgrade_password == 1 && $crypted_password_extern == 0) { $salt = ""; if (defined("CRYPT_SHA256")) { $salt = '$5$rounds=5000$' . gensalt(16) . '$'; } elseif (CRYPT_MD5 == 1) { $salt = '$1$' . gensalt(8) . '$'; } else { $salt = gensalt(2); // für den Notfall Std. DES } $upgrade_password = 0; $v_passwort = crypt($passwort, $salt); } elseif ($crypted_password_extern == 0) { $upgrade_password = 0; if ($salt == 'MD5') { $v_passwort = md5($passwort); } else { $v_passwort = crypt($passwort, $salt); } } else { $v_passwort = $passwort; } return $v_passwort; }